Current processors may provide support for a trusted execution environment such as a secure enclave. Secure enclaves include segments of memory (including code and/or data) protected by the processor from unauthorized access including unauthorized reads and writes. In particular, certain processors may include Intel® Software Guard Extensions (SGX) to provide secure enclave support. SGX provides confidentiality, integrity, and replay-protection to the secure enclave data while the data is resident in the platform memory and thus provides protection against both software and hardware attacks. The on-chip boundary forms a natural security boundary, where data and code may be stored in plaintext and assumed to be secure. For typical systems, a launch enclave provided by a manufacturer of the processor may be responsible for launching, verifying, and otherwise managing all other enclaves executed by the computing device, including enclaves provided by independent software vendors. The launch enclave may function as the licensing root for all secure enclaves executed by the system.